OS X, Unix, and Linux Security Measures

legacyb4

Read through an easily digestible summary for steps to take on hardening Linux server security:

www.8wire.com : Tutorial - Armoring Linux

It sounds like most of this is probably applicable to OS X, especially the bits about starting/stopping necessary services and the system-level logging. I imagine that as OS X users begin to proliferate on the Net, we will be subjected to the same level of pokes and probes as other Linux users out there.

I'm interested to know just how secure we are if we solely depend on the GUI controls for turning on/off file sharing, web services, etc. as well as using utilities such as Brickhouse to set up firewall protection. Should we have to worry about the micro-level system tweaks Linux/Unix users have to do for security?

Cheers.
 
Fortunately, Apple made the right decision and turned off pretty much everything by default, so an untouched install should be very safe on the network (just did an nmap scan against my machine from another, and found the only open ports were ports I opened myself).

This, however, doesn't say anything about local attacks, but for a desktop-oriented OS, that's not quite as important. A good question is whether anyone is doing any kinds of attack testing against the setuid programs installed.
 
Having posted the above, I decided I should at least go through the process myself of checking off the points listed in the article.

Starting from the top, the inetd.conf has everything already turned off (such as FTP and Telnet).

System startup stuff is handled by OSX's Startup Directory as opposed to multiple levels of RC files used in Linux.

As far as the password files go, it's clearly stated that:
-
Note that this file is consulted when the system is running in single-user mode. At other times, this information is handled by lookupd. By default, lookupd gets information from Netinfo, so this file will not be consulted unless you have changed lookupd's configuration.
-
In addition, the files are set up as indicated which tells me that even if you are running in single-user mode, default configuration is pretty clean.

I haven't gotten as far as reading up and implementing SSH nor TCP wrapping, but I'm sure that information is already floating around on any of the OSX boards.

Cheers.
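The two checks discussed in this thread (whether anything in inetd.conf is actually enabled, and which setuid programs are installed) can be scripted rather than eyeballed. The following is an added example, not code from the thread or from the Armoring Linux tutorial; the sample inetd.conf contents and the directory it scans are constructed for illustration, and on a real machine you would point the functions at /etc/inetd.conf and at / (or /usr, /bin, /sbin).

```shell
#!/bin/sh
# Added example (not from the thread): a small audit helper that reports
# which inetd services are really enabled and which binaries carry the
# setuid bit. All sample data below is constructed for illustration.

# Print the service name from every line of an inetd.conf-style file that
# is neither blank nor commented out. A clean default install (as the
# post describes) prints nothing at all.
enabled_inetd_services() {
    # $1 = path to an inetd.conf-style file
    grep -v '^[[:space:]]*#' "$1" | grep -v '^[[:space:]]*$' | awk '{print $1}'
}

# Number of enabled services; 0 is the expected value on a hardened box.
enabled_inetd_count() {
    enabled_inetd_services "$1" | wc -l | tr -d ' '
}

# List regular files under a directory tree with the setuid bit (04000) set.
# This is the inventory you want before asking "has anyone tested these?"
list_setuid() {
    # $1 = directory to scan
    find "$1" -type f -perm -4000 2>/dev/null | sort
}

# Write a constructed sample inetd.conf: ftp and telnet commented out
# (as in the post), finger accidentally left enabled.
make_sample_inetd_conf() {
    # $1 = path to write
    cat > "$1" <<'EOF'
# constructed sample inetd.conf
#ftp     stream  tcp     nowait  root    /usr/libexec/tcpd  ftpd -l
#telnet  stream  tcp     nowait  root    /usr/libexec/tcpd  telnetd
finger   stream  tcp     nowait  nobody  /usr/libexec/tcpd  fingerd -s
EOF
}

# Run the audit against the constructed sample when executed directly.
demo_audit() {
    d=$(mktemp -d)
    make_sample_inetd_conf "$d/inetd.conf"
    echo "enabled inetd services: $(enabled_inetd_count "$d/inetd.conf")"
    enabled_inetd_services "$d/inetd.conf" | sed 's/^/  /'
    touch "$d/plain" "$d/suid"
    chmod 4755 "$d/suid"        # mark one constructed file setuid
    echo "setuid files under $d:"
    list_setuid "$d" | sed 's/^/  /'
    rm -rf "$d"
}

demo_audit
```

Running it prints one enabled service (finger) and one setuid file; any non-empty output from `enabled_inetd_services` on the real /etc/inetd.conf is something to explain or comment out, and the setuid list is the set of programs worth tracking for vendor fixes.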
 